Legal claims defining the scope of protection, as filed with the USPTO.
1. A method for use in a communications network, comprising: providing a virtual rack having service modules for performing network services; creating a pinhole that corresponds to a plurality of the service modules; directing data packets to a service processor in response to matching the data packets to the pinhole, wherein creating the pinhole that corresponds to the plurality of service modules comprises: receiving individual pinholes created by respective ones of the plurality of service modules; normalizing the individual pinholes; and generating the pinhole that corresponds to the plurality of service modules according to the normalized individual pinholes.
2. The method of claim 1 , further comprising: offloading the pinhole to an acceleration processor; the acceleration processor receiving the data packets and performing the matching, and in response to performing the matching, forwarding the data packets to the service processor.
3. The method of claim 1 , wherein normalizing the individual pinholes comprises modifying at least one field of at least some of the individual pinholes.
4. The method of claim 1 , wherein directing the data packets to the service processor in response to matching the data packets to the pinhole comprises directing the data packets to the service processor that is selected from multiple service processors.
5. The method of claim 1 , further comprising: defining a connection class that includes plural sessions associated with the service modules of the virtual rack; creating a second pinhole representing the connection class; offloading the connection class to an accelerator processor.
6. The method of claim 5 , wherein creating the second pinhole comprises: receiving individual pinholes from the corresponding service modules of the virtual rack; normalizing the individual pinholes, wherein the second pinhole is created according to the normalized individual pinholes.
7. The method of claim 5 , wherein offloading the connection class to the accelerator processor comprises the service processor offloading the connection class to the accelerator processor.
8. The method of claim 1 , wherein the pinhole is represented as a tuple having at least one field that is set equal to a wildcard value.
9. The method of claim 8 , wherein the tuple includes a source Internet Protocol (IP) address field, a source port field, a destination IP address field, a destination port field, and a protocol field.
10. The method of claim 1 , wherein at least two of the service modules in the virtual rack contain respective application level gateways.
11. A method for use in a communications network, comprising: providing a virtual rack having service modules for performing network services; creating a pinhole that corresponds to a plurality of the service modules; directing data packets to a service processor in response to matching the data packets to the pinhole; defining a connection class that includes plural sessions associated with the service modules of the virtual rack; creating a second pinhole representing the connection class; offloading the connection class to an accelerator processor; and the accelerator processor performing session setup according to further received data packets that match the connection class using information for the connection class that contains high level actions for the service modules.
12. A system comprising: a service processor; an accelerator processor; a virtual rack having plural virtual service modules executable on the service processor to perform respective network services, wherein each of the plural virtual service modules are configured to create individual pinholes; software executable on the service processor to generate a group pinhole for the plural virtual service modules, and to offload the group pinhole to the accelerator processor, wherein generating the group pinhole that corresponds to the plural virtual service modules comprises: receiving the individual pinholes created by respective ones of the plural virtual service modules; normalizing the individual pinholes; and generating the group pinhole that corresponds to the plural virtual service modules according to the normalized individual pinholes.
13. The system of claim 12 , wherein the accelerator processor is configured to: receive a data packet; match fields of the data packet to the group pinhole; and in response to matching the fields of the data packet to the group pinhole, direct the data packet to the service processor.
14. The system of claim 13 , further comprising a plurality of service processors, wherein the data packet is directed to one of the plurality of service processors.
15. The system of claim 12 , wherein the group pinhole is represented by a partially completed tuple in which at least one field is a wildcard.
16. The system of claim 15 , wherein the partially completed tuple comprises a source Internet Protocol (IP) address field, a source port field, a destination IP address field, a destination port field, and a protocol field.
17. The system of claim 12 , wherein the software comprises an operating system.
18. A computer-readable storage medium containing instructions that when executed cause a system to: provide a virtual rack having a plurality of virtual service modules that are executable on a service processor; offload a connection class represented by a pinhole tuple from the service processor to an accelerator processor, wherein the pinhole tuple is a group pinhole generated based on individual pinholes of multiple ones of the virtual service modules; and perform tasks at the accelerator processor according to information associated with the connection class, in response to subsequently received data packets, wherein generating the group pinhole that corresponds to the plurality of virtual service modules comprises: receiving the individual pinholes created by respective ones of the plurality of virtual service modules; normalizing the individual pinholes; and generating the group pinhole that corresponds to the plurality of virtual service modules according to the normalized individual pinholes.
19. The computer-readable storage medium of claim 18 , wherein the connection class identifies a group of connections.
Unknown
June 15, 2010
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.